Fix CSRF tests (fixes #2009)

2024-11-09 14:50:56 +00:00 · 2015-06-30 19:38:27 +01:00 · 2015-06-30 19:38:27 +01:00 · 37a42dc408
commit 37a42dc408
parent a03c9f9457
1 changed files with 4 additions and 2 deletions
--- a/test/http_test.go
+++ b/test/http_test.go
@ -204,6 +204,7 @@ func TestPOSTWithoutCSRF(t *testing.T) {
 	}
 	res.Body.Close()
 	hdr := res.Header.Get("Set-Cookie")
+	id := res.Header.Get("X-Syncthing-ID")[:5]
 	if !strings.Contains(hdr, "CSRF-Token") {
 		t.Error("Missing CSRF-Token in", hdr)
 	}
@ -214,7 +215,8 @@ func TestPOSTWithoutCSRF(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	req.Header.Set("X-CSRF-Token", hdr[len("CSRF-Token="):])
+
+	req.Header.Set("X-CSRF-Token-"+id, hdr[len("CSRF-Token-"+id+"="):])
 	res, err = http.DefaultClient.Do(req)
 	if err != nil {
 		t.Fatal(err)
@ -230,7 +232,7 @@ func TestPOSTWithoutCSRF(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	req.Header.Set("X-CSRF-Token", hdr[len("CSRF-Token="):]+"X")
+	req.Header.Set("X-CSRF-Token-"+id, hdr[len("CSRF-Token-"+id+"="):]+"X")
 	res, err = http.DefaultClient.Do(req)
 	if err != nil {
 		t.Fatal(err)